agent-claw: automated task changes

cdk/node_modules/aws-cdk-lib/aws-codepipeline-actions/lib/inspector/ecr-image-scan-action.d.ts

@@ -0,0 +1,29 @@
+import type { Construct } from 'constructs';
+import type { InspectorScanActionBaseProps } from './scan-action-base';
+import { InspectorScanActionBase } from './scan-action-base';
+import type * as codepipeline from '../../../aws-codepipeline';
+import type { IRepositoryRef } from '../../../interfaces/generated/aws-ecr-interfaces.generated';
+/**
+ * Construction properties of the `InspectorEcrImageScanAction`.
+ */
+export interface InspectorEcrImageScanActionProps extends InspectorScanActionBaseProps {
+    /**
+     * The Amazon ECR repository where the image is pushed.
+     */
+    readonly repository: IRepositoryRef;
+    /**
+     * The tag used for the image.
+     *
+     * @default 'latest'
+     */
+    readonly imageTag?: string;
+}
+/**
+ * CodePipeline invoke action that uses AWS InspectorScan for ECR images.
+ */
+export declare class InspectorEcrImageScanAction extends InspectorScanActionBase {
+    private readonly ecrProps;
+    constructor(props: InspectorEcrImageScanActionProps);
+    protected renderActionConfiguration(): Record<string, any>;
+    protected bound(scope: Construct, stage: codepipeline.IStage, options: codepipeline.ActionBindOptions): codepipeline.ActionConfig;
+}

cdk/node_modules/aws-cdk-lib/aws-codepipeline-actions/lib/inspector/ecr-image-scan-action.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.InspectorEcrImageScanAction=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var scan_action_base_1=()=>{var tmp=require("./scan-action-base");return scan_action_base_1=()=>tmp,tmp},ecr=()=>{var tmp=require("../../../aws-ecr");return ecr=()=>tmp,tmp},iam=()=>{var tmp=require("../../../aws-iam");return iam=()=>tmp,tmp};class InspectorEcrImageScanAction extends scan_action_base_1().InspectorScanActionBase{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_codepipeline_actions.InspectorEcrImageScanAction",version:"2.252.0"};ecrProps;constructor(props){super(props);try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_actions_InspectorEcrImageScanActionProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,InspectorEcrImageScanAction),error}this.ecrProps=props}renderActionConfiguration(){return{InspectorRunMode:"ECRImageScan",ECRRepositoryName:this.ecrProps.repository.repositoryRef.repositoryName,ImageTag:this.ecrProps.imageTag}}bound(scope,stage,options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_IStage(stage),jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_ActionBindOptions(options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bound),error}const config=super.bound(scope,stage,options);return options.role.addToPrincipalPolicy(new(iam()).PolicyStatement({resources:[this.ecrProps.repository.repositoryRef.repositoryArn],actions:["ecr:GetDownloadUrlForLayer","ecr:BatchGetImage","ecr:BatchCheckLayerAvailability"]})),ecr().AuthorizationToken.grantRead(options.role),config}}exports.InspectorEcrImageScanAction=InspectorEcrImageScanAction;

cdk/node_modules/aws-cdk-lib/aws-codepipeline-actions/lib/inspector/index.d.ts

@@ -0,0 +1,3 @@
+export * from './scan-action-base';
+export * from './source-code-scan-action';
+export * from './ecr-image-scan-action';

cdk/node_modules/aws-cdk-lib/aws-codepipeline-actions/lib/inspector/index.js

@@ -0,0 +1 @@
+"use strict";var __createBinding=exports&&exports.__createBinding||(Object.create?(function(o,m,k,k2){k2===void 0&&(k2=k);var desc=Object.getOwnPropertyDescriptor(m,k);(!desc||("get"in desc?!m.__esModule:desc.writable||desc.configurable))&&(desc={enumerable:!0,get:function(){return m[k]}}),Object.defineProperty(o,k2,desc)}):(function(o,m,k,k2){k2===void 0&&(k2=k),o[k2]=m[k]})),__exportStar=exports&&exports.__exportStar||function(m,exports2){for(var p in m)p!=="default"&&!Object.prototype.hasOwnProperty.call(exports2,p)&&__createBinding(exports2,m,p)};Object.defineProperty(exports,"__esModule",{value:!0});var _noFold;exports.InspectorScanActionBase=void 0,Object.defineProperty(exports,_noFold="InspectorScanActionBase",{enumerable:!0,configurable:!0,get:()=>{var value=require("./scan-action-base").InspectorScanActionBase;return Object.defineProperty(exports,_noFold="InspectorScanActionBase",{enumerable:!0,configurable:!0,value}),value}}),exports.InspectorSourceCodeScanAction=void 0,Object.defineProperty(exports,_noFold="InspectorSourceCodeScanAction",{enumerable:!0,configurable:!0,get:()=>{var value=require("./source-code-scan-action").InspectorSourceCodeScanAction;return Object.defineProperty(exports,_noFold="InspectorSourceCodeScanAction",{enumerable:!0,configurable:!0,value}),value}}),exports.InspectorEcrImageScanAction=void 0,Object.defineProperty(exports,_noFold="InspectorEcrImageScanAction",{enumerable:!0,configurable:!0,get:()=>{var value=require("./ecr-image-scan-action").InspectorEcrImageScanAction;return Object.defineProperty(exports,_noFold="InspectorEcrImageScanAction",{enumerable:!0,configurable:!0,value}),value}});

cdk/node_modules/aws-cdk-lib/aws-codepipeline-actions/lib/inspector/scan-action-base.d.ts

@@ -0,0 +1,62 @@
+import type { Construct } from 'constructs';
+import * as codepipeline from '../../../aws-codepipeline';
+import { Action } from '../action';
+/**
+ * The CodePipeline variables emitted by the InspectorScan Action.
+ */
+export interface InspectorScanVariables {
+    /**
+     * The highest severity output from the scan.
+     *
+     * Valid values are medium | high | critical.
+     */
+    readonly highestScannedSeverity: string;
+}
+/**
+ * Base construction properties of the `InspectorScanActionBase`.
+ */
+export interface InspectorScanActionBaseProps extends codepipeline.CommonAwsActionProps {
+    /**
+     * The number of critical severity vulnerabilities found in your source
+     * beyond which CodePipeline should fail the action.
+     *
+     * @default - no threshold
+     */
+    readonly criticalThreshold?: number;
+    /**
+     * The number of high severity vulnerabilities found in your source
+     * beyond which CodePipeline should fail the action.
+     *
+     * @default - no threshold
+     */
+    readonly highThreshold?: number;
+    /**
+     * The number of medium severity vulnerabilities found in your source
+     * beyond which CodePipeline should fail the action.
+     *
+     * @default - no threshold
+     */
+    readonly mediumThreshold?: number;
+    /**
+     * The number of low severity vulnerabilities found in your source
+     * beyond which CodePipeline should fail the action.
+     *
+     * @default - no threshold
+     */
+    readonly lowThreshold?: number;
+    /**
+     * Vulnerability details of your source in the form of a Software Bill of Materials (SBOM) file.
+     */
+    readonly output: codepipeline.Artifact;
+}
+/**
+ * CodePipeline invoke action that uses AWS InspectorScan.
+ */
+export declare abstract class InspectorScanActionBase extends Action {
+    protected readonly props: InspectorScanActionBaseProps;
+    constructor(props: InspectorScanActionBaseProps);
+    /** The variables emitted by this action. */
+    get variables(): InspectorScanVariables;
+    protected abstract renderActionConfiguration(): Record<string, any>;
+    protected bound(scope: Construct, stage: codepipeline.IStage, options: codepipeline.ActionBindOptions): codepipeline.ActionConfig;
+}

cdk/node_modules/aws-cdk-lib/aws-codepipeline-actions/lib/inspector/scan-action-base.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.InspectorScanActionBase=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var codepipeline=()=>{var tmp=require("../../../aws-codepipeline");return codepipeline=()=>tmp,tmp},iam=()=>{var tmp=require("../../../aws-iam");return iam=()=>tmp,tmp},cdk=()=>{var tmp=require("../../../core");return cdk=()=>tmp,tmp},action_1=()=>{var tmp=require("../action");return action_1=()=>tmp,tmp};class InspectorScanActionBase extends action_1().Action{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_codepipeline_actions.InspectorScanActionBase",version:"2.252.0"};props;constructor(props){super({...props,category:codepipeline().ActionCategory.INVOKE,provider:"InspectorScan",artifactBounds:{minInputs:0,maxInputs:1,minOutputs:1,maxOutputs:1},outputs:[props.output]});try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_actions_InspectorScanActionBaseProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,InspectorScanActionBase),error}this.props=props}get variables(){return{highestScannedSeverity:this.variableExpression("HighestScannedSeverity")}}bound(scope,stage,options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_IStage(stage),jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_ActionBindOptions(options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bound),error}options.role.addToPrincipalPolicy(new(iam()).PolicyStatement({resources:["*"],actions:["inspector-scan:ScanSbom"]}));const logGroupArn=cdk().Stack.of(scope).formatArn({service:"logs",resource:"log-group",resourceName:`/aws/codepipeline/${stage.pipeline.pipelineName}`,arnFormat:cdk().ArnFormat.COLON_RESOURCE_NAME}),logGroupArnWithWildcard=`${logGroupArn}:*`;return options.role.addToPrincipalPolicy(new(iam()).PolicyStatement({resources:[logGroupArn,logGroupArnWithWildcard],actions:["logs:CreateLogGroup","logs:CreateLogStream","logs:PutLogEvents"]})),(this.actionProperties.outputs??[]).length>0&&options.bucket.grantWrite(options.role),{configuration:{...this.renderActionConfiguration(),CriticalThreshold:this.props.criticalThreshold,HighThreshold:this.props.highThreshold,MediumThreshold:this.props.mediumThreshold,LowThreshold:this.props.lowThreshold}}}}exports.InspectorScanActionBase=InspectorScanActionBase;

cdk/node_modules/aws-cdk-lib/aws-codepipeline-actions/lib/inspector/source-code-scan-action.d.ts

@@ -0,0 +1,21 @@
+import type { Construct } from 'constructs';
+import type { InspectorScanActionBaseProps } from './scan-action-base';
+import { InspectorScanActionBase } from './scan-action-base';
+import type * as codepipeline from '../../../aws-codepipeline';
+/**
+ * Construction properties of the `InspectorSourceCodeScanAction`.
+ */
+export interface InspectorSourceCodeScanActionProps extends InspectorScanActionBaseProps {
+    /**
+     * The source code to scan for vulnerabilities.
+     */
+    readonly input: codepipeline.Artifact;
+}
+/**
+ * CodePipeline invoke action that uses AWS InspectorScan for source code.
+ */
+export declare class InspectorSourceCodeScanAction extends InspectorScanActionBase {
+    constructor(props: InspectorSourceCodeScanActionProps);
+    protected renderActionConfiguration(): Record<string, any>;
+    protected bound(scope: Construct, stage: codepipeline.IStage, options: codepipeline.ActionBindOptions): codepipeline.ActionConfig;
+}

cdk/node_modules/aws-cdk-lib/aws-codepipeline-actions/lib/inspector/source-code-scan-action.js

@@ -0,0 +1 @@
+"use strict";Object.defineProperty(exports,"__esModule",{value:!0}),exports.InspectorSourceCodeScanAction=void 0;var jsiiDeprecationWarnings=()=>{var tmp=require("../../../.warnings.jsii.js");return jsiiDeprecationWarnings=()=>tmp,tmp};const JSII_RTTI_SYMBOL_1=Symbol.for("jsii.rtti");var scan_action_base_1=()=>{var tmp=require("./scan-action-base");return scan_action_base_1=()=>tmp,tmp};class InspectorSourceCodeScanAction extends scan_action_base_1().InspectorScanActionBase{static[JSII_RTTI_SYMBOL_1]={fqn:"aws-cdk-lib.aws_codepipeline_actions.InspectorSourceCodeScanAction",version:"2.252.0"};constructor(props){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_actions_InspectorSourceCodeScanActionProps(props)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,InspectorSourceCodeScanAction),error}const baseProps={...props,inputs:[props.input]};super(baseProps)}renderActionConfiguration(){return{InspectorRunMode:"SourceCodeScan"}}bound(scope,stage,options){try{jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_IStage(stage),jsiiDeprecationWarnings().aws_cdk_lib_aws_codepipeline_ActionBindOptions(options)}catch(error){throw process.env.JSII_DEBUG!=="1"&&error.name==="DeprecationError"&&Error.captureStackTrace(error,this.bound),error}const config=super.bound(scope,stage,options);return(this.actionProperties.inputs??[]).length>0&&options.bucket.grantRead(options.role),config}}exports.InspectorSourceCodeScanAction=InspectorSourceCodeScanAction;